Wireshark-dev: [Wireshark-dev] New feature about packets statistic
From: "Bingyao Du" <[email protected]>
Date: Fri, 24 Nov 2006 17:56:22 +0800
Hi Dev,

A requirement is submitted in many situations, if wireshark could provide the packets statistic,such as how many packets whose udp.srcport is 8000. I mean that wireshark could listen on some port and receive remote query-string with socket, and wireshark could reply the right answer according to the query. It's work seems that:

____________________________                                                                          __________________________________________
|  what ever application, if only      |   Send Query string to wireshark                        |                                                                          |
| it could send the right format      |---------->------------>--------------->-------------->----------->| Listen on some port to deal with query.                |
| query string and recognize the   |                                                                        |                        Wireshark                                   |
| answer.                                   |<----------<------------<---------------<--------------<------------|                                        capturing the packet    |
|___________________________|    Receive Answer                                              |__________________________________________|

The query string content may be the same as filter, such as udp.srcport  == 1024. Also, we could use XML to construct query string.

The new feature is very useful. In my opinion, it should be used much more times than before. What is your comment?

Best regards.